POSTFIX Won't Start says: bind 0.0.0.0 port 25: Address already in use

Bruno de Goyrans asked:

Sorry, I’ve read tons of related topics but didn’t get solutions for my issue.

Suddenly this morning, POSTFIX did not respond. I didn’t do anything special in my server.

POSTFIX status says :

postfix.service - LSB: Postfix Mail Transport Agent
Loaded: loaded (/etc/init.d/postfix)
Drop-In: /run/systemd/generator/postfix.service.d
       └─50-postfix-$mail-transport-agent.conf
Active: active (exited) since Sat 2019-02-02 13:40:22 CET; 10s ago
Process: 19382 ExecStop=/etc/init.d/postfix stop (code=exited, status=0/SUCCESS)
     Process: 19398 ExecStart=/etc/init.d/postfix start (code=exited, status=0/SUCCESS)

Feb 02 13:40:22 ns339072.ip-188-165-253.eu postfix[19398]: Starting Postfix Mail Transport Agent: postfix.
Feb 02 13:40:22 ns339072.ip-188-165-253.eu systemd[1]: Started LSB: Postfix Mail Transport Agent.
Feb 02 13:40:22 ns339072.ip-188-165-253.eu postfix/master[19507]: fatal: bind 0.0.0.0 port 25: Address already in use

says PORT 25 already in use but I can’t find by whom?

sendmail is not activated on my server.

netstat -lnp |grep :25

returns nothing

postconf -n :

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
allow_percent_hack = no
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
home_mailbox = Maildir/
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
mailbox_size_limit = 0
mydestination = $myhostname, localhost.$mydomain, $mydomain
mydomain = bilp.fr
myhostname = mail.bilp.fr
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = $mydomain
readme_directory = no
recipient_delimiter = +
sender_bcc_maps = hash:/etc/postfix/bcc
sender_dependent_default_transport_maps = hash:/etc/postfix/dependent
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated    reject_unauth_destination
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
transport_maps = hash:/etc/postfix/transport
virtual_alias_maps = hash:/etc/postfix/virtual

/etc/network/interfaces :

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo eth0 eth0:1 eth0:2 eth0:3 eth0:4 eth0:5 eth0:6 eth0:7 eth0:8 eth0:9
iface lo inet loopback

iface eth0 inet static
    address 188.165.253.141
    netmask 255.255.255.0
    broadcast 188.165.253.255
    gateway 188.165.253.254

iface eth0 inet6 static
    address 2001:41d0:0002:c88d::
    netmask 64
    dns-nameservers 2001:41d0:3:163::1
    post-up sleep 5; /sbin/ip -family inet6 route add 2001:41d0:0002:c8ff:ff:ff:ff:ff dev eth0
    post-up sleep 5; /sbin/ip -family inet6 route add default via 2001:41d0:0002:c8ff:ff:ff:ff:ff
    pre-down /sbin/ip -family inet6 route del default via 2001:41d0:0002:c8ff:ff:ff:ff:ff
    pre-down /sbin/ip -family inet6 route del 2001:41d0:0002:c8ff:ff:ff:ff:ff dev eth0

iface eth0:1 inet static
    address 188.165.53.208
    netmask 255.255.255.0
    broadcast 188.165.53.255
    network 188.165.53.0


iface eth0:2 inet static
    address 149.202.31.242
    netmask 255.255.255.0
    broadcast 149.202.31.255
    network 149.202.31.0

iface eth0:3 inet static
    address 178.33.162.237
    netmask 255.255.255.0
    broadcast 178.33.162.255
    network 178.33.162.0

iface eth0:4 inet static
    address 178.32.54.176
    netmask 255.255.255.0
    broadcast 178.32.54.255
    network 178.32.54.0

iface eth0:5 inet static
    address 149.202.114.212
    netmask 255.255.255.0
    broadcast 149.202.114.255
    network 149.202.114.0

iface eth0:6 inet static
    address 149.202.115.224
    netmask 255.255.255.0
    broadcast 149.202.115.255
    network 149.202.115.0

iface eth0:7 inet static
    address 46.105.76.217
    netmask 255.255.255.0
    broadcast 46.105.76.255
    network 46.105.76.0

iface eth0:8 inet static
    address 91.121.34.20
    netmask 255.255.255.0
    broadcast 91.121.34.255
    network 91.121.34.0

iface eth0:9 inet static
    address 94.23.45.172
    netmask 255.255.255.0
    broadcast 94.23.45.255
    network 94.23.45.0

ip addr :

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
   valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
   valid_lft forever preferred_lft forever
2: bond0: <BROADCAST,MULTICAST,MASTER> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 42:6a:1c:b2:03:b5 brd ff:ff:ff:ff:ff:ff
3: dummy0: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 92:0b:61:9e:4a:1c brd ff:ff:ff:ff:ff:ff
4: ifb0: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN group default qlen 32
link/ether ea:d2:75:2b:ec:b0 brd ff:ff:ff:ff:ff:ff
5: ifb1: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN group default qlen 32
link/ether c2:c6:f1:b0:2b:72 brd ff:ff:ff:ff:ff:ff
6: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether a4:bf:01:00:ca:15 brd ff:ff:ff:ff:ff:ff
inet 188.165.253.141/24 brd 188.165.253.255 scope global eth0
   valid_lft forever preferred_lft forever
inet 188.165.53.208/24 brd 188.165.53.255 scope global eth0:1
   valid_lft forever preferred_lft forever
inet 149.202.31.242/24 brd 149.202.31.255 scope global eth0:2
   valid_lft forever preferred_lft forever
inet 178.33.162.237/24 brd 178.33.162.255 scope global eth0:3
   valid_lft forever preferred_lft forever
inet 178.32.54.176/24 brd 178.32.54.255 scope global eth0:4
   valid_lft forever preferred_lft forever
inet 149.202.114.212/24 brd 149.202.114.255 scope global eth0:5
   valid_lft forever preferred_lft forever
inet 149.202.115.224/24 brd 149.202.115.255 scope global eth0:6
   valid_lft forever preferred_lft forever
inet 46.105.76.217/24 brd 46.105.76.255 scope global eth0:7
   valid_lft forever preferred_lft forever
inet 91.121.34.20/24 brd 91.121.34.255 scope global eth0:8
   valid_lft forever preferred_lft forever
inet 94.23.45.172/24 brd 94.23.45.255 scope global eth0:9
   valid_lft forever preferred_lft forever
inet6 2001:41d0:2:c88d::/64 scope global
   valid_lft forever preferred_lft forever
inet6 fe80::a6bf:1ff:fe00:ca15/64 scope link
   valid_lft forever preferred_lft forever
7: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether a4:bf:01:00:ca:16 brd ff:ff:ff:ff:ff:ff
8: teql0: <NOARP> mtu 1500 qdisc noop state DOWN group default qlen 100
link/void
9: [email protected]: <NOARP> mtu 1480 qdisc noop state DOWN group default qlen 1
link/ipip 0.0.0.0 brd 0.0.0.0
10: [email protected]: <NOARP> mtu 1476 qdisc noop state DOWN group default qlen 1
link/gre 0.0.0.0 brd 0.0.0.0
11: [email protected]: <BROADCAST,MULTICAST> mtu 1462 qdisc noop state DOWN group default qlen 1000
link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
12: [email protected]: <NOARP> mtu 1480 qdisc noop state DOWN group default qlen 1
link/sit 0.0.0.0 brd 0.0.0.0
13: [email protected]: <NOARP> mtu 1452 qdisc noop state DOWN group default qlen 1
link/tunnel6 :: brd ::

/etc/hosts:

# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
188.165.253.141         ns339072.ip-188-165-253.eu      ns339072
2001:41d0:0002:c88d::   ns339072.ip-188-165-253.eu      ns339072

# The following lines are desirable for IPv6 capable hosts
#(added automatically by netbase upgrade)

::1     ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts

postconf -M:

188.165.253.141:smtp inet n -    -       -       -       smtpd -o     smtpd_sasl_auth_enable=yes
smtp       inet  n       -       -       -       1       postscreen
smtp4      unix  -       -       -       -       -       smtp -o     inet_protocols=ipv4
pickup     unix  n       -       -       60      1       pickup
cleanup    unix  n       -       -       -       0       cleanup
qmgr       unix  n       -       n       300     1       qmgr
tlsmgr     unix  -       -       -       1000?   1       tlsmgr
rewrite    unix  -       -       -       -       -       trivial-rewrite
bounce     unix  -       -       -       -       0       bounce
defer      unix  -       -       -       -       0       bounce
trace      unix  -       -       -       -       0       bounce
verify     unix  -       -       -       -       1       verify
flush      unix  n       -       -       1000?   0       flush
proxymap   unix  -       -       n       -       -       proxymap
proxywrite unix  -       -       n       -       1       proxymap
smtp       unix  -       -       -       -       -       smtp
relay      unix  -       -       -       -       -       smtp
showq      unix  n       -       -       -       -       showq
error      unix  -       -       -       -       -       error
retry      unix  -       -       -       -       -       error
discard    unix  -       -       -       -       -       discard
local      unix  -       n       n       -       -       local
virtual    unix  -       n       n       -       -       virtual
lmtp       unix  -       -       -       -       -       lmtp
anvil      unix  -       -       -       -       1       anvil
scache     unix  -       -       -       -       1       scache
maildrop   unix  -       n       n       -       -       pipe flags=DRhu     user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp       unix  -       n       n       -       -       pipe flags=Fqhu     user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail     unix  -       n       n       -       -       pipe flags=F     user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp      unix  -       n       n       -       -       pipe flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n       n       -       2       pipe flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user}     ${extension}
mailman    unix  -       n       n       -       -       pipe flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user}
188.165.253.141:submission inet n - -    -       -       smtpd -o smtpd_sasl_auth_enable=yes
91.121.34.20:smtp inet n -       -       -       -       smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_tls_cert_file=/home/terrasse-bois/ssl.cert -    o smtpd_tls_key_file=/home/terrasse-bois/ssl.key
127.0.0.1:smtp inet n    -       -       -       -       smtpd -o     smtpd_sasl_auth_enable=yes
91.121.34.20:submission inet n - -       -       -       smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_tls_cert_file=/home/terrasse-bois/ssl.cert -o smtpd_tls_key_file=/home/terrasse-bois/ssl.key
127.0.0.1:submission inet n -    -       -       -       smtpd -o smtpd_sasl_auth_enable=yes
178.33.162.237:smtp inet n -     -       -       -       smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_tls_cert_file=/home/pergola_comoconstruir/ssl.cert -o smtpd_tls_key_file=/home/pergola_comoconstruir/ssl.key
178.33.162.237:submission inet n - -     -       -       smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_tls_cert_file=/home/pergola_comoconstruir/ssl.cert -o smtpd_tls_key_file=/home/pergola_comoconstruir/ssl.key
178.32.54.176:smtp inet n -      -       -       -       smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_tls_cert_file=/home/pergola.howtodiyhome/ssl.cert -o smtpd_tls_key_file=/home/pergola.howtodiyhome/ssl.key
178.32.54.176:submission inet n - -      -       -       smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_tls_cert_file=/home/pergola.howtodiyhome/ssl.cert -o smtpd_tls_key_file=/home/pergola.howtodiyhome/ssl.key

netstat -ntlp as root:

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:8012            0.0.0.0:*               LISTEN      1795/php-fpm.conf)
tcp        0      0 0.0.0.0:8013            0.0.0.0:*               LISTEN      1795/php-fpm.conf)
tcp        0      0 0.0.0.0:8014            0.0.0.0:*               LISTEN      1795/php-fpm.conf)
tcp        0      0 0.0.0.0:110             0.0.0.0:*               LISTEN      1522/dovecot
tcp        0      0 0.0.0.0:2222            0.0.0.0:*               LISTEN      1544/sshd
tcp        0      0 0.0.0.0:8015            0.0.0.0:*               LISTEN      1795/php-fpm.conf)
tcp        0      0 0.0.0.0:143             0.0.0.0:*               LISTEN      1/init
tcp        0      0 0.0.0.0:10000           0.0.0.0:*               LISTEN      2582/perl
tcp        0      0 0.0.0.0:8016            0.0.0.0:*               LISTEN      1795/php-fpm.conf)
tcp        0      0 0.0.0.0:8017            0.0.0.0:*               LISTEN      1795/php-fpm.conf)
tcp        0      0 0.0.0.0:8018            0.0.0.0:*               LISTEN      1795/php-fpm.conf)
tcp        0      0 0.0.0.0:8019            0.0.0.0:*               LISTEN      1795/php-fpm.conf)
tcp        0      0 0.0.0.0:8020            0.0.0.0:*               LISTEN      1795/php-fpm.conf)
tcp        0      0 0.0.0.0:8021            0.0.0.0:*               LISTEN      1795/php-fpm.conf)
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      1499/named
tcp        0      0 0.0.0.0:8022            0.0.0.0:*               LISTEN      1795/php-fpm.conf)
tcp        0      0 0.0.0.0:8023            0.0.0.0:*               LISTEN      1795/php-fpm.conf)
tcp        0      0 0.0.0.0:8024            0.0.0.0:*               LISTEN      1795/php-fpm.conf)
tcp        0      0 0.0.0.0:8025            0.0.0.0:*               LISTEN      1795/php-fpm.conf)
tcp        0      0 127.0.0.1:953           0.0.0.0:*               LISTEN      1499/named
tcp        0      0 0.0.0.0:8026            0.0.0.0:*               LISTEN      1795/php-fpm.conf)
tcp        0      0 0.0.0.0:8027            0.0.0.0:*               LISTEN      1795/php-fpm.conf)
tcp        0      0 0.0.0.0:8028            0.0.0.0:*               LISTEN      1795/php-fpm.conf)
tcp        0      0 0.0.0.0:8029            0.0.0.0:*               LISTEN      1795/php-fpm.conf)
tcp        0      0 0.0.0.0:8030            0.0.0.0:*               LISTEN      1795/php-fpm.conf)
tcp        0      0 0.0.0.0:8031            0.0.0.0:*               LISTEN      944/php-fpm: pool 1
tcp        0      0 0.0.0.0:20000           0.0.0.0:*               LISTEN      2580/perl
tcp        0      0 0.0.0.0:8032            0.0.0.0:*               LISTEN      1795/php-fpm.conf)
tcp        0      0 0.0.0.0:8000            0.0.0.0:*               LISTEN      1795/php-fpm.conf)
tcp        0      0 0.0.0.0:8033            0.0.0.0:*               LISTEN      1795/php-fpm.conf)
tcp        0      0 0.0.0.0:8001            0.0.0.0:*               LISTEN      1795/php-fpm.conf)
tcp        0      0 0.0.0.0:8034            0.0.0.0:*               LISTEN      1795/php-fpm.conf)
tcp        0      0 0.0.0.0:8002            0.0.0.0:*               LISTEN      1795/php-fpm.conf)
tcp        0      0 0.0.0.0:8003            0.0.0.0:*               LISTEN      1795/php-fpm.conf)
tcp        0      0 0.0.0.0:8004            0.0.0.0:*               LISTEN      1795/php-fpm.conf)
tcp        0      0 0.0.0.0:8005            0.0.0.0:*               LISTEN      1795/php-fpm.conf)
tcp        0      0 0.0.0.0:8006            0.0.0.0:*               LISTEN      1795/php-fpm.conf)
tcp        0      0 0.0.0.0:8007            0.0.0.0:*               LISTEN      1795/php-fpm.conf)
tcp        0      0 127.0.0.1:10023         0.0.0.0:*               LISTEN      1479/postgrey.pid -
tcp        0      0 0.0.0.0:8008            0.0.0.0:*               LISTEN      1795/php-fpm.conf)
tcp        0      0 0.0.0.0:8009            0.0.0.0:*               LISTEN      1795/php-fpm.conf)
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      2247/mysqld
tcp        0      0 0.0.0.0:8010            0.0.0.0:*               LISTEN      1795/php-fpm.conf)
tcp        0      0 0.0.0.0:8011            0.0.0.0:*               LISTEN      1795/php-fpm.conf)
tcp6       0      0 :::110                  :::*                    LISTEN      1522/dovecot
tcp6       0      0 :::2222                 :::*                    LISTEN      1544/sshd
tcp6       0      0 :::143                  :::*                    LISTEN      1/init
tcp6       0      0 :::10000                :::*                    LISTEN      2582/perl
tcp6       0      0 :::80                   :::*                    LISTEN      2217/apache2
tcp6       0      0 ::1:53                  :::*                    LISTEN      1499/named
tcp6       0      0 ::1:953                 :::*                    LISTEN      1499/named
tcp6       0      0 :::443                  :::*                    LISTEN      2217/apache2

I have tried to reboot server. No progress.

Please HELP!

My answer:


It looks like you’re trying to run different TLS certificates on different IP addresses. You have configured master.cf to answer the smtp and submission ports for specific IPv4 addresses with different TLS certificates.

But, you have also left in the original smtp line which, for some reason, is set to call postscreen. This line is triggering the error. It can’t bind to INADDR_ANY because specific IP address listeners have already been bound. That is why you get the error Address already in use. And the reason you don’t see anything in netstat or lsof output is because Postfix quits and the addresses are unbound.

You should comment that line out of master.cf.


View the full question and any other answers on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.